May 13, 2019 Newsletter
Dear Loyola Colleagues,
Information Technology Services is pleased to share some exciting improvements coming to our Loyola University Chicago community. Please read on to learn more about technology changes from the Loyola Digital Experience Program, a new University-wide space and asset management system, progress on the Windows 10 upgrades, and our Technology Tips and Tricks.
Loyola Digital Experience—Exchange Online
The initial roll-out and migration of on-premise email to Microsoft Exchange Online is now underway. In order to gauge the experience from the end-users, we gained feedback from pilot testers in various departments including Information Technology Services, University Marketing and Communication, and University Libraries. The next move is scheduled for May 17 and will include retirees, emeritus users, and alumni users. Future moves, over the next two months, will not be department specific. Individuals will be contacted via email as to when they will move and what they should expect to see. To anticipate what you’ll see or experience as part of the Exchange Online migration, please visit the Exchange Online website.
Loyola Digital Experience—Multi-Factor Authentication (MFA)
MFA enhances information security by combining the traditional UVID and password with another factor for authentication, making it more difficult for hackers to compromise your account. Use of a generated code obtained via text, phone call, or from a mobile device application serves as the second method of authentication.
Starting in June, MFA will be required for users of Loyola Secure Access. ITS will announce and phase in other University applications such as SLATE, Lawson, and LOCUS to use MFA over time. To learn more about MFA and where it will be required, please visit LUC.edu/its/services/mfa.
University-Wide Space and Asset Management System
Facilities has selected an exciting new technology (Archibus) to improve management and administration of its building, spaces, and assets across all of its campuses. The configuration and setup for this project will take about 18 months and will consist of several key modules including space inventory, drawing management, indirect cost recovery, asset management, and move management. The system will integrate closely with several core technologies already in place and will be rolled out in multiple phases over the next three years.
Windows 10 Upgrade
The remaining Windows 7 to Windows 10 upgrades will be scheduled this summer and fall. Nearly 75 percent of workstations have already been migrated; the remaining will be upgraded by the end of this calendar year. If you still work on a Windows 7 PC, ITS will be in contact in the weeks and months ahead to help with the upgrade. Windows 10 offers improvements in performance, reliability, and contemporary functionality. If interested in upgrading earlier, contact our ITS Service Desk and make that request now. To learn more about available features, visit Windows 10.
Technology Tips and Tricks
Be Secure When You Leave Your Desk
Need to get up from your desk in a hurry? Don’t leave your desk without locking your PC first. The quickest way is to hold down the Windows Key and the L Key at the same time. This will instantly lock your desktop and prevent anyone from seeing your work or using your credentials.
Reliable Traffic and Navigation Mobile App
WAZE is the world’s largest community-based traffic and navigation app. The app can easily direct you around Chicagoland, avoiding all the bumper-to-bumper backups and trouble spots in the city. You learn from other drivers who share real-time traffic info and contribute input yourself as you drive. WAZE is used by many of us within ITS who swear by its usefulness and accuracy. Give it a try! It is available for free download on Google Play and at the Apple App Store.
If you have questions regarding any of these updates, please contact us at 773.508.4ITS or visit LUC.edu/its.
Susan M. Malisch
Vice President, Chief Information Officer
Computing, networking, telephony, and information resources of Loyola University Chicago are available to advance our education, research, health care and public service missions. Any access and use of these resources and services that interfere with these goals are prohibited. All who access and use these resources will abide by all applicable policies, legal and contractual requirements, and the highest standard of ethical principles and practices, when using these University resources. Breach of or disregard for access and acceptable use policies are grounds for revoking access privileges, and may lead to additional sanctions by the University, including referral to other authorities for civil litigation and criminal prosecution.
This policy applies to all persons accessing and using computing, networking, telephony and information resources through any facility of the University. These persons include students, faculty, staff, persons retained to perform University work, and any other person extended access and use privileges by the University given the availability of these resources and services, and in accordance with University contractual agreements and obligations.
Systems and resources covered
This policy covers all computing, networking, telephony and information resources procured through, operated or contracted by the University. Such resources include computing and networking systems including those that connect to the University telecommunications infrastructure, other computer hardware, software, data bases, support personnel and services, physical facilities, and communications systems and services.
Policy on access and acceptable use
Computing, networking, telephony and information resources at the University, including access to local, national and international networks, are available to support students, faculty and staff as they carry out the University's instructional, research, health care, administration and public service missions. Therefore, the University encourages and promotes the access and use of these resources by the University community. However, access and use which do not support the University mission are subject to regulation and restriction to insure that they do not interfere with this legitimate work. Any access and use of computing, networking, telephony and information resources must not interfere with the University's instructional, research, health care and public service missions and should be consistent with the person's educational, scholarly, research, service, operational or management activities within the University. Those who access and use University computing, networking, telephony and information resources are to take reasonable and necessary measures to safeguard the operating integrity of the systems and their accessibility by others, while acting to maintain a working environment conducive to carrying out the mission of the University efficiently and productively.
Responsibilities regarding system and resource use
Persons who access and use university computing, networking, telephony and information resources are responsible for:
- respecting the rights of other individuals, including compliance with other university policies for students, faculty, and staff -- these rights include but are not limited to intellectual property, privacy, freedom from harassment, and academic freedom,
- exercising caution when committing confidential information to electronic media given that the confidentiality and integrity of such material are difficult to ensure,
- activity connected with the individual's assigned account,
- using systems and resources in ways that do not interfere with or disrupt the normal operation of these systems, nor interfere with the access and use of these systems and resources by others allowed to do so,
- protecting the security of access to University computing and networking systems and the confidentiality and integrity of information stored on University computing and networking systems,
- knowing and obeying the specific policies established for the system and networks they access.
- members of the University community with access to University electronic resources may not use these resources in a way that implies that the University is actually or implicitly espousing a particular view, or endorsing any person, organization, product, service or belief; similarly, they may not use the name, logos, facilities or resources of the University for any personal, commercial or similar purposes, or to participate in or intervene in (including the publishing or distribution of statements) any political campaign on behalf of, or in opposition to, any candidate for public office.
Under no circumstances, may individuals give others access to any system they do not administer, or exploit or fail to promptly report any security loopholes. Individuals must act to maintain a working environment conducive to carrying out the mission of the University efficiently and productively.
Individuals may not under any circumstances deliberately circumvent or attempt to circumvent data protection schemes or uninstall or disable any software installed by the university for the purpose of protecting the university from the intentional or unintentional disclosure of information.
Systems and network administration, and facilities management
Administrators of systems and networks have the responsibility to protect the rights of users, to set policies consistent with those rights, and to publicize these policies to their users. They have authority to control or to refuse access to anyone who violates these policies or threatens the rights of other users. They have the responsibility to notify those individuals affected by decisions they have made. Administrators of systems and networks are empowered to take reasonable steps necessary to preserve the availability and integrity of the system, to restore the integrity of the system in case of malfunction, abuse, virus, and other similar situations, and to protect the integrity of University data and other assets. These steps may include deactivating accounts, access codes or security clearances, stopping processes, deleting affected files, and disabling access to computing, networking, telephony, and information resources.
All devices deployed in the PCI environment must be documented listing Acceptable uses for the technology, Acceptable network locations for the technology, along with a list of company approved products. Additionally, all devices within the PCI environment must be labeled containing the owner, contact information, and purpose of the device.
Demand for computing, networking, telephony and information resources may occasionally exceed available resources. Priorities should be established for allocating such resources, giving a higher priority to activities that are more essential to the mission of the University.
Access to University computing resources is granted to ensure that all who use these resources are given sufficient access rights to fully perform their tasks without restriction, but no more. Please review the following policies for details of protecting information when accessing University computing resources:
- Access Control Policy
- Vendor Access to Internal Systems Policy
- Password Standards
Appeal of an administrative decision
Individuals who disagree with an administrative decision may submit an appeal of the decision to the appropriate resource manager or systems administrator. From there, a student may submit an appeal to the Dean of Students, a faculty member through their department administration either to the Provost or to the Vice President for the Health Sciences, and a staff member through their management to the Vice President for Human Resources. Individuals must submit these appeals according to any rules and procedures issued by system administrators or component administrators.
Noncompliance and sanctions
Individual units within the University may define "conditions of acceptable use" for facilities and resources under their control. These statements must be consistent with this general policy but may provide additional detail, guidelines and restrictions. Such "conditions of acceptable use" should indicate the enforcement mechanism. Where no enforcement mechanisms exist, the procedures defined in the applicable University's standards of conduct, i.e., Student Handbook (students), Faculty Handbook (faculty), and Employee Handbook and Personnel Policies (staff), will apply. Where use of external networks is involved, policies governing such use also are applicable and require compliance by individuals using these networks, which include:
- Illinois Century Network (ICN) Acceptable Use Policy
- Conditions of Use for the Abilene Network (Internet 2)
Acceptable use policies for these networks are available on the Internet. Disregarding policies and procedures concerning access and use of computing, networking, telephony and information resources may result in the denial or removal of access privileges by administrators of systems and networks, and may lead to disciplinary action under the applicable University's standards of conduct, as cited above. Additionally, such disregard may be referred to other authorities for civil litigation and criminal prosecution under applicable state and federal statutes.
Legal context for this policy
Regarding legal context, all existing laws (local, state and federal) and University policies, regulations and rules apply, including not only those laws, policies, regulations and rules that are specific to computers and networks, but also those that apply generally to personal conduct including Sexual Harassment: Faculty, Staff and Students.
Relationship of this policy with others
This policy supplements the Rights and Responsibilities for the Access and Use of University Computing, Networking, Telephony and Information Resources policies and the Access and Acceptable Use of Public Access Computing and Networking Facilities and Services. These policies are available and can be found on the Loyola University Chicago website. The University reserves the right to change the information, requirements and procedures announced in this policy. This policy will continue to be in effect until a further revision is required and promulgated. Consult the campus computing center or the appropriate system administrator for information on other policies, procedures or directives that supplement this policy.
- September 4, 2009: Initial Policy
- October 22, 2012: Corrected links
- August 8, 2014: Add “Access” clause for PCI Compliance
- October 13, 2014: Add PCI 3.0 labeling requirements
- May 11, 2015: Annual review for PCI Compliance
- April 21, 2016: Annual review for PCI Compliance
- October 25, 2016: Changes to section "Responsibilities Regarding System and Resource Use" as Approved by President's Cabinet.
- April 19, 2017: Annual review for PCI Compliance
- July 10, 2018: Annual review for PCI Compliance
- Aug 8, 2019: Annual review for PCi Compliance